Fake Coinbase support scam allegedly nets $2M from users

An alleged scammer posing as a Coinbase customer support agent has reportedly stolen more than $2 million from users.

The findings were shared by blockchain investigator ZachXBT following an independent investigation.

ZachXBT said the suspect was identified through a combination of social media posts, Telegram activity and onchain wallet analysis.

The alleged scammer was described as a Canadian-based threat actor.

According to ZachXBT, the funds were stolen over the past year using social engineering tactics.

The scam involved impersonating Coinbase support staff to gain victims’ trust.

ZachXBT said the suspect contacted users and convinced them to hand over sensitive information.

In one example, a leaked video showed the alleged scammer speaking with a victim while posing as support.

The Canadian threat actor stole over $2m via Coinbase support impersonation social engineering scams.

ZachXBT said.

He alleged the stolen funds were spent on rare social media usernames, gambling and luxury nightlife.

The investigation claimed the suspect frequently boasted about their lifestyle online.

ZachXBT shared screenshots of social media posts allegedly linked to the scammer.

The posts reportedly showed little effort to maintain operational security.

The scammer allegedly attempted to cover their tracks by deleting Telegram accounts.

ZachXBT said the suspect repeatedly purchased expensive Telegram usernames to evade detection.

Despite these efforts, the investigator said the activity made tracking easier.

He leaks the email and his Telegram account with a number.

ZachXBT said.

ZachXBT also claimed to have identified the suspect’s home address using public information.

He said the details were not shared due to platform rules.

The case highlights ongoing risks posed by social engineering scams in crypto.

Social engineering relies on deception rather than technical exploits.

Scammers often impersonate legitimate companies to extract private data or funds.

ZachXBT warned that newcomers are especially vulnerable to such tactics.

He urged users to remain cautious when contacted unexpectedly.

Security experts advise never responding to unsolicited support messages.

Users are encouraged to contact exchanges only through official websites or apps.

Help desk staff will never request seed phrases or login credentials.

They will also never ask users to send funds to private wallets.

Redirecting conversations to Telegram or social media is another red flag.

ZachXBT said stronger user awareness remains critical to preventing losses.